CVE-2024-57184

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jan 24, 2025
CWE ID 120

Summary

CVE-2024-57184 is a newly discovered heap-based buffer overflow vulnerability affecting GPAC v0.8.0, as demonstrated by MP4Box. The flaw is located in the gf_m2ts_process_pmt function of media_tools/mpegts.c at line 2163 and can result in a denial of service (DoS) when a specially crafted MP4 file is processed. An attacker who exploits it could cause GPAC to crash or consume excessive system resources, rendering the affected system unresponsive. The issue poses a significant risk to systems that use GPAC to process MP4 files and underscores the importance of timely updates and robust input validation.
